User-ID Agent Settings

User-ID Agent Settings

Panorama > Managed Collectors
> User-ID Agents

A Dedicated Log Collector can receive user mappings from up to
100 User-ID agents. The agents can be PAN-OS integrated User-ID
agents that run on firewalls or Windows-based User-ID agents. On
a firewall with multiple virtual systems, each virtual system can
serve as a separate User-ID agent. The Log Collector can then redistribute
the user mappings to firewalls or the Panorama management server.

To configure a Dedicated Log Collector to connect to a User-ID
agent, Add one and configure the settings
as described in the following table.

User-ID Agent Settings

Description

Name

Enter a name (up to 31 characters) to identify
the User-ID agent. The name is case-sensitive, must be unique, and
can contain only letters, numbers, spaces, hyphens, and underscores.

For
a firewall serving as a User-ID agent, this field does not have to
match the Collector
Name field.

Host

Windows-based User-ID agent—Enter
the IP address of the Windows host on which the User-ID agent is
installed.

Firewall (PAN-OS integrated User-ID agent)—Enter the
host name or IP address of the interface that the firewall uses
to redistribute user mappings.

Port

Enter the port number on which the User-ID
agent will listen for User-ID requests. The default is port 5007
but you can specify any available port. Different User-ID agents
can use different ports.

Some earlier versions of the
User-ID agent use port 2010 as the default.

Collector Name

The collector that these
fields refer to is the User-ID agent, not the Log Collector. The
fields apply only if the agent is a firewall or virtual system that
redistributes user mappings to the Log Collector. Enter the Collector
Name and Pre-Shared Key that
identify the firewall or virtual system as a User-ID agent. You
must enter the same values as you did when configuring the firewall
or virtual system to serve as a User-ID agent (see Redistribution).

Collector Pre-shared Key / Confirm Collector Pre-shared key

Enabled

Select to enable the Log Collector to communicate
with the User-ID agent.

Redistribution

Configure User-ID Redistribution

Configure User-ID Redistribution Before you configure User-ID redistribution: Plan the redistribution architecture. Some factors to consider are: Which firewalls will enforce policies for all users ...

User-ID Redistribution Using Panorama

User-ID Redistribution Using Panorama One of the key benefits of the Palo Alto Networks firewall is that it can enforce policies and generate reports based ...

Firewall Deployment for User-ID Redistribution

Firewall Deployment for User-ID Redistribution To aggregate User-ID information, organize the redistribution sequence in layers, where each layer has one or more firewalls. In the ...

Configure the Windows-Based User-ID Agent for User Mapping

Configure the Windows-Based User-ID Agent for User Mapping The Palo Alto Networks User-ID agent is a Windows service that connects to servers on your network—for ...

Install the Windows-Based User-ID Agent

Install the Windows-Based User-ID Agent The following procedure shows how to install the User-ID agent on a member server in the domain and set up ...

Redistribute HIP Reports

Redistribute HIP Reports To ensure consistent Host Information Profile (HIP) policy enforcement and to simplify policy management, you can distribute HIP reports received from the ...